Merge branch 'dev' for release 2.4.8

.fabmanager-version

@@ -1 +1 @@
-2.4.7
+2.4.8

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog Fab Manager
 
+## v2.4.8 2016 December 15
+
+- Added asterisks on mandatory fields in member's form
+- Fixed wording on SSO screens
+- Ability to send again the auth-system migration token by email
+- Fix a bug: notification email about refund invoice tells about subscription while concerning wallet credit
+
 ## v2.4.7 2016 December 14
 
 - Improved automated testing

app/assets/javascripts/controllers/profile.coffee.erb

@@ -1,8 +1,8 @@
 
 'use strict'
 
-Application.Controllers.controller "CompleteProfileController", ["$scope", "$rootScope", "$state", "$window", "_t", "growl", "CSRF", "Auth", "Member", "settingsPromise", "activeProviderPromise", "groupsPromise", "cguFile", "memberPromise", "Session"
-, ($scope, $rootScope, $state, $window, _t, growl, CSRF, Auth, Member, settingsPromise, activeProviderPromise, groupsPromise, cguFile, memberPromise, Session) ->
+Application.Controllers.controller "CompleteProfileController", ["$scope", "$rootScope", "$state", "$window", "_t", "growl", "CSRF", "Auth", "Member", "settingsPromise", "activeProviderPromise", "groupsPromise", "cguFile", "memberPromise", "Session", "dialogs", "AuthProvider"
+, ($scope, $rootScope, $state, $window, _t, growl, CSRF, Auth, Member, settingsPromise, activeProviderPromise, groupsPromise, cguFile, memberPromise, Session, dialogs, AuthProvider) ->
 
 
 
@@ -141,6 +141,27 @@ Application.Controllers.controller "CompleteProfileController", ["$scope", "$roo
 
 
 
+  ##
+  # Ask for email confirmation and send the SSO merging token again
+  # @param $event {Object} jQuery event object
+  ##
+  $scope.resendCode = (event) ->
+    event.preventDefault()
+    event.stopPropagation()
+    dialogs.confirm
+      templateUrl: '<%= asset_path "profile/resend_code_modal.html" %>'
+      resolve:
+        object: ->
+          email: memberPromise.email
+    , (email) ->
+      # Request the server to send an auth-migration email to the current user
+      AuthProvider.send_code {email: email}, (res) ->
+        growl.info(_t('code_successfully_sent_again'))
+      , (err) ->
+        growl.error(err.data.error)
+
+
+
   ##
   # Disconnect and re-connect the user to the SSO to force the synchronisation of the profile's data
   ##

app/assets/javascripts/services/authProvider.coffee

@@ -11,4 +11,7 @@ Application.Services.factory 'AuthProvider', ["$resource", ($resource)->
     active:
       method: 'GET'
       url: '/api/auth_providers/active'
+    send_code:
+      method: 'POST'
+      url: '/api/auth_providers/send_code'
 ]

app/assets/templates/profile/_token.html.erb

@@ -3,6 +3,7 @@
         <h3 translate>{{ 'do_you_already_have_an_account' }}</h3>
         <p ng-hide="hasDuplicate()" translate>{{ 'do_not_fill_the_form_beside_but_specify_here_the_code_you_ve_received_by_email_to_recover_your_access' }}</p>
         <p ng-show="hasDuplicate()" translate>{{ 'just_specify_code_here_to_recover_access' }}</p>
+        <p class="pull-right"><a href="#" ng-click="resendCode($event)" translate>{{ 'i_did_not_receive_the_code' }}</a></p>
         <div class="row">
             <div class="col-lg-3 col-lg-offset-1 hidden-md col-sm-3 col-sm-offset-1"></div>
             <div class="col-lg-offset-1 col-lg-6 col-md-12 col-sm-offset-1 col-sm-6">

app/assets/templates/profile/complete.html.erb

@@ -28,7 +28,7 @@
                             {{ 'you_ve_just_created_a_new_account_on_the_fablab_by_logging_from' | translate:{ GENDER: nameGenre, NAME: fablabName }:"messageformat" }}<br/>
                             <img class="m-l v-middle" height="16" width="16" src='https://www.google.com/s2/favicons?domain={{activeProvider.domain}}' />
                             <strong class="v-middle">{{activeProvider.name}} <span ng-if="ssoEmail()">({{ssoEmail()}})</span></strong><br/>
-                            <p class="m-t-md" ng-hide="hasDuplicate()" translate>{{ 'before_letting_you_use_the_application_we_need_some_more_details' }}.</p>
+                            <p class="m-t-md" ng-hide="hasDuplicate()" translate>{{ 'we_need_some_more_details' }}.</p>
                             <p class="m-t-md" ng-show="hasDuplicate()" translate>{{ 'your_email_is_already_used_by_another_account_on_the_platform' }}</p>
                         </div>
                     </section>

app/assets/templates/profile/resend_code_modal.html

@@ -0,0 +1,26 @@
+<div class="modal-header">
+    <img ng-src="{{logoBlack.custom_asset_file_attributes.attachment_url}}" alt="{{logo.custom_asset_file_attributes.attachment}}" class="modal-logo"/>
+    <h1 translate>{{ 'send_code_again' }}</h1>
+</div>
+<div class="modal-body">
+
+    <form name="emailForm">
+        <label for="email" class="beforeAmount" translate>{{ 'email_address_associated_with_your_account' }}</label>
+        <div class="input-group" ng-class="{'has-error': emailForm.email.$dirty && emailForm.email.$invalid }">
+            <span class="input-group-addon"><i class="fa fa-envelope"></i> </span>
+            <input class="form-control"
+                   type="email"
+                   id="email"
+                   name="email"
+                   ng-model="object.email"
+                   required>
+        </div>
+        <span class="help-block error" ng-show="emailForm['email'].$dirty && emailForm['email'].$error.required" translate>{{'email_is_required'}}</span>
+        <span class="help-block error" ng-show="emailForm['email'].$dirty && emailForm['email'].$error.email" translate>{{'email_format_is_incorrect'}}</span>
+    </form>
+
+</div>
+<div class="modal-footer">
+    <button class="btn btn-info" ng-click="ok(object.email)" ng-disabled="emailForm.$invalid" translate>{{ 'confirm' }}</button>
+    <button class="btn btn-default" ng-click="cancel()" translate>{{ 'cancel' }}</button>
+</div>

app/assets/templates/shared/_member_form.html.erb

@@ -55,13 +55,16 @@
                    ng-disabled="preventField['profile.gender'] && user.profile.gender && !userForm['user[profile_attributes][gender]'].$dirty"/>
               <i class="fa fa-female m-l-sm"></i> {{ 'woman' | translate }}
           </label>
-          <span class="help-block" ng-show="userForm['user[profile_attributes][gender]'].$dirty && userForm['user[profile_attributes][gender]'].$error.required" translate>{{ 'gender_is_required' }}</span>
+        <span class="exponent m-l-xs"><i class="fa fa-asterisk" aria-hidden="true"></i></span>
+
+        <span class="help-block" ng-show="userForm['user[profile_attributes][gender]'].$dirty && userForm['user[profile_attributes][gender]'].$error.required" translate>{{ 'gender_is_required' }}</span>
       </div>
 
 
       <div class="form-group" ng-class="{'has-error': userForm['user[username]'].$dirty && userForm['user[username]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-user"></i></span>
+          <span class="input-group-addon"><i class="fa fa-user"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span>
+          </span>
           <input type="text"
                  name="user[username]"
                  ng-model="user.username"
@@ -78,7 +81,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[profile_attributes][last_name]'].$dirty && userForm['user[profile_attributes][last_name]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-user"></i></span>
+          <span class="input-group-addon"><i class="fa fa-user"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="text"
                  name="user[profile_attributes][last_name]"
                  ng-model="user.profile.last_name"
@@ -93,7 +96,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[profile_attributes][first_name]'].$dirty && userForm['user[profile_attributes][first_name]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-user"></i></span>
+          <span class="input-group-addon"><i class="fa fa-user"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="text"
                  name="user[profile_attributes][first_name]"
                  ng-model="user.profile.first_name"
@@ -108,7 +111,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[email]'].$dirty && userForm['user[email]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-envelope"></i> </span>
+          <span class="input-group-addon"><i class="fa fa-envelope"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="email"
                  name="user[email]"
                  ng-model="user.email"
@@ -130,7 +133,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[password]'].$dirty && userForm['user[password]'].$invalid}" ng-if="password.change">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-key"></i> </span>
+          <span class="input-group-addon"><i class="fa fa-key"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="password"
                  name="user[password]"
                  ng-model="user.password"
@@ -146,7 +149,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[password_confirmation]'].$dirty && userForm['user[password_confirmation]'].$invalid}" ng-if="password.change">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-key"></i> </span>
+          <span class="input-group-addon"><i class="fa fa-key"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="password"
                  name="user[password_confirmation]"
                  ng-model="user.password_confirmation"
@@ -164,7 +167,7 @@
 
       <div class="form-group" ng-if="user.profile.organization" ng-class="{'has-error': userForm['user[profile_attributes][organization_attributes][name]'].$dirty && userForm['user[profile_attributes][organization_attributes][name]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-building-o"></i></span>
+          <span class="input-group-addon"><i class="fa fa-building-o"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="hidden"
                  name="user[profile_attributes][organization_attributes][id]"
                  ng-value="user.profile.organization.id" />
@@ -181,7 +184,7 @@
 
       <div class="form-group" ng-if="user.profile.organization" ng-class="{'has-error': userForm['user[profile_attributes][organization_attributes][address_attributes][address]'].$dirty && userForm['user[profile_attributes][organization_attributes][address_attributes][address]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-map-marker"></i></span>
+          <span class="input-group-addon"><i class="fa fa-map-marker"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="hidden"
                  name="user[profile_attributes][organization_attributes][address_attributes][id]"
                  ng-value="user.profile.organization.address.id" />
@@ -198,7 +201,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[profile_attributes][birthday]'].$dirty && userForm['user[profile_attributes][birthday]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-calendar-o"></i> </span>
+          <span class="input-group-addon"><i class="fa fa-calendar-o"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="text"
                  id="user_birthday"
                  class="form-control"
@@ -235,7 +238,7 @@
 
       <div class="form-group" ng-class="{'has-error': userForm['user[profile_attributes][phone]'].$dirty && userForm['user[profile_attributes][phone]'].$invalid}">
         <div class="input-group">
-          <span class="input-group-addon"><i class="fa fa-phone"></i> </span>
+          <span class="input-group-addon"><i class="fa fa-phone"></i> <span class="exponent"><i class="fa fa-asterisk" aria-hidden="true"></i></span></span>
           <input type="text"
                  name="user[profile_attributes][phone]"
                  ng-model="user.profile.phone"

app/controllers/api/auth_providers_controller.rb

@@ -1,7 +1,6 @@
 class API::AuthProvidersController < API::ApiController
 
   before_action :set_provider, only: [:show, :update, :destroy]
-
   def index
     @providers = policy_scope(AuthProvider)
   end
@@ -48,6 +47,25 @@ class API::AuthProvidersController < API::ApiController
     @provider = AuthProvider.active
   end
 
+
+  def send_code
+    authorize AuthProvider
+    user = User.find_by(email: params[:email])
+
+    if user&.auth_token
+      if AuthProvider.active.providable_type != DatabaseProvider.name
+        NotificationCenter.call type: 'notify_user_auth_migration',
+                                receiver: user,
+                                attached_object: user
+        render json: {status: 'processing'}, status: :ok
+      else
+        render json: {status: 'error', error: I18n.t('members.current_authentication_method_no_code')}, status: :bad_request
+      end
+    else
+      render json: {status: 'error', error: I18n.t('members.requested_account_does_not_exists')}, status: :bad_request
+    end
+  end
+
   private
 
     def set_provider

app/policies/auth_provider_policy.rb

@@ -16,4 +16,7 @@ class AuthProviderPolicy < ApplicationPolicy
     user
   end
 
+  def send_code?
+    user
+  end
 end

app/views/api/members/show.json.jbuilder

@@ -30,7 +30,7 @@ json.profile do
     json.address do
       json.id @member.profile.organization.address.id
       json.address @member.profile.organization.address.address
-    end
+    end if @member.profile.organization.address
   end if @member.profile.organization
 
 end

config/locales/app.logged.en.yml

@@ -5,8 +5,8 @@ en:
         # user's profile completion page when logging from an SSO provider
         confirm_your_new_account: "Confirm your new account"
         you_ve_just_created_a_new_account_on_the_fablab_by_logging_from: "You've just created a new account on the {NAME}, by logging from"  # messageFormat interpolation
-        before_letting_you_use_the_application_we_need_some_more_details: "Before letting you use the application, we need some more details"
-        your_email_is_already_used_by_another_account_on_the_platform: "But wait, there is a problem! Your email is already used by another account on the platform."
+        we_need_some_more_details: "To finalize the platform setup, we need some more details"
+        your_email_is_already_used_by_another_account_on_the_platform: "It looks like your email address is already used by another user. Check your email address and please input below the code sent to you."
         please_fill_the_following_form: "Please fill the following form"
         some_data_may_have_already_been_provided_by_provider_and_cannot_be_modified: "Some data may have already been provided by {{NAME}} and cannot be modified"  # angular interpolation
         then_click_on_: "Then click on"
@@ -18,9 +18,14 @@ en:
         do_you_already_have_an_account: "Do you already have an account?"
         do_not_fill_the_form_beside_but_specify_here_the_code_you_ve_received_by_email_to_recover_your_access: "Do not fill the form beside but specify here the code you've received by email, to recover your access."
         just_specify_code_here_to_recover_access: "Just specify here the code you've received by email to recover your access."
+        i_did_not_receive_the_code: "I didn't receive the code"
         authentification_code: "Authentification code"
         confirm_my_code: "Confirm my code"
         an_unexpected_error_occurred_check_your_authentication_code: "An unexpected error occurred, please check your authentication code."
+        send_code_again: "Send the code again"
+        email_address_associated_with_your_account: "Email address associated with your account"
+        email_format_is_incorrect: "Email format is incorrect"
+        code_successfully_sent_again: "Code successfully sent again"
 
       dashboard:
         # dashboard: public profile

config/locales/app.logged.fr.yml

@@ -5,8 +5,8 @@ fr:
         # page de complétion du profil utilisateur, à la première connexion depuis un SSO
         confirm_your_new_account: "Confirmez votre nouveau compte"
         you_ve_just_created_a_new_account_on_the_fablab_by_logging_from: "Vous venez de créer un nouveau compte sur {GENDER, select, male{le} female{la} other{les}} {NAME}, en vous connectant depuis"  # messageFormat interpolation
-        before_letting_you_use_the_application_we_need_some_more_details: "Avant de vous laisser utiliser l'application, nous avons besoin de quelques renseignements supplémentaires"
-        your_email_is_already_used_by_another_account_on_the_platform: "Mais attendez, il y a un problème ! Votre adresse de courriel est déjà utilisée par un autre compte sur cette plate-forme."
+        we_need_some_more_details: "Afin de finaliser le paramétrage de la plate-forme, nous avons besoin de quelques renseignements supplémentaires"
+        your_email_is_already_used_by_another_account_on_the_platform: "Il semblerait que votre adresse de courriel soit déjà utilisée par un autre utilisateur. Vérifiez votre adresse électronique et veuillez saisir ci-dessous le code qui vient de vous être envoyé."
         please_fill_the_following_form: "Merci de compléter le formulaire suivant"
         some_data_may_have_already_been_provided_by_provider_and_cannot_be_modified: "Certaines informations peuvent nous avoir été déjà fournies par {{NAME}} et ne sont pas modifiables"  # angular interpolation
         then_click_on_: "Cliquez ensuite sur"
@@ -18,9 +18,14 @@ fr:
         do_you_already_have_an_account: "Vous possédez déjà un compte ?"
         do_not_fill_the_form_beside_but_specify_here_the_code_you_ve_received_by_email_to_recover_your_access: "Ne remplissez pas le formulaire à gauche mais indiquez ici le code qui vous a été fourni par e-mail, cela vous permettra de récupérer l'accès à votre compte."
         just_specify_code_here_to_recover_access: "Indiquez simplement ici le code que vous avez reçu par e-mail, cela vous permettra de récupérer l'accès à votre compte."
+        i_did_not_receive_the_code: "Je n'ai pas reçu le code"
         authentification_code: "Code d'authentification"
         confirm_my_code: "Valider mon code"
         an_unexpected_error_occurred_check_your_authentication_code: "Une erreur inattendue est survenue, vérifiez votre code d'authentification."
+        send_code_again: "Renvoyer le code"
+        email_address_associated_with_your_account: "Adresse électronique associée à votre compte"
+        email_format_is_incorrect: "Le format de l'adresse email est incorrect"
+        code_successfully_sent_again: "Le code a bien été renvoyé"
 
       dashboard:
         # tableau de bord: profile publique

config/locales/en.yml

@@ -63,6 +63,8 @@ en:
     unable_to_change_the_group_while_a_subscription_is_running: "Unable to change the group while a subscription is running"
     please_input_the_authentication_code_sent_to_the_address: "Please input the authentication code sent to the e-mail address %{EMAIL}"
     your_authentication_code_is_not_valid: "Your authentication code is not valid."
+    current_authentication_method_no_code: "The current authentication method does not require any migration code"
+    requested_account_does_not_exists: "The requested account does not exist"
 
   invoices:
     # PDF invoices generation

config/locales/fr.yml

@@ -63,6 +63,8 @@ fr:
     unable_to_change_the_group_while_a_subscription_is_running: "Impossible de changer le groupe tant qu'un abonnement est en cours"
     please_input_the_authentication_code_sent_to_the_address: "Merci d'enter le code d'authentification qui a été envoyé à l'adresse de courriel %{EMAIL}"
     your_authentication_code_is_not_valid: "Votre code d'authentification n'est pas valide."
+    current_authentication_method_no_code: "La méthode d'authentification actuelle ne requiert pas de code de migration"
+    requested_account_does_not_exists: "Le compte utilisateur demandé n'existe pas"
 
   invoices:
     # génération des factures en PDF

config/locales/mails.en.yml

@@ -140,7 +140,7 @@ en:
     notify_member_avoir_ready:
       subject: "Your FabLab's refund invoice"
       body:
-        please_find_attached_html: "Please find as attached file your refund invoice from {DATE}, with an amount of {AMOUNT} concerning your {TYPE, select, Reservation{reservation} other{subscription}}."  # messageFormat interpolation
+        please_find_attached_html: "Please find as attached file your refund invoice from {DATE}, with an amount of {AMOUNT} concerning your {TYPE, select, Reservation{reservation} WalletTransaction{wallet credit} other{subscription}}."  # messageFormat interpolation
         invoice_in_your_dashboard_html: "You can access your refund invoice in %{DASHBOARD} on the Fab Lab website."
         your_dashboard: "your dashboard"
 

config/locales/mails.fr.yml

@@ -140,7 +140,7 @@ fr:
     notify_member_avoir_ready:
       subject: "Votre facture d'avoir du FabLab"
       body:
-        please_find_attached_html: "Vous trouverez en pièce jointe votre facture d'avoir du {DATE}, d'un montant de {AMOUNT} concernant votre {TYPE, select, Reservation{réservation} other{abonnement}}."  # messageFormat interpolation
+        please_find_attached_html: "Vous trouverez en pièce jointe votre facture d'avoir du {DATE}, d'un montant de {AMOUNT} concernant votre {TYPE, select, Reservation{réservation} WalletTransaction{crédit du porte-monnaie} other{abonnement}}."  # messageFormat interpolation
         invoice_in_your_dashboard_html: "Vous pouvez à tout moment retrouver votre facture d'avoir dans %{DASHBOARD} sur le site du Fab Lab."
         your_dashboard: "votre tableau de bord"
 

config/routes.rb

@@ -114,6 +114,7 @@ Rails.application.routes.draw do
     resources :auth_providers do
       get 'mapping_fields', on: :collection
       get 'active', action: 'active', on: :collection
+      post 'send_code', action: 'send_code', on: :collection
     end
     resources :abuses, only: [:create]
     resources :open_api_clients, only: [:index, :create, :update, :destroy] do

db/schema.rb

@@ -289,7 +289,7 @@ ActiveRecord::Schema.define(version: 20161123104604) do
     t.boolean  "is_read",                          default: false
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.string   "receiver_type"
+    t.string   "receiver_type",        limit: 255
     t.boolean  "is_send",                          default: false
     t.jsonb    "meta_data",                        default: {}
   end
@@ -320,7 +320,6 @@ ActiveRecord::Schema.define(version: 20161123104604) do
     t.datetime "created_at",             null: false
     t.datetime "updated_at",             null: false
     t.string   "profile_url"
-    t.string   "logout_endpoint"
   end
 
   create_table "offer_days", force: :cascade do |t|
@@ -467,7 +466,7 @@ ActiveRecord::Schema.define(version: 20161123104604) do
     t.datetime "published_at"
   end
 
-  add_index "projects", ["slug"], name: "index_projects_on_slug", using: :btree
+  add_index "projects", ["slug"], name: "index_projects_on_slug", unique: true, using: :btree
 
   create_table "projects_components", force: :cascade do |t|
     t.integer "project_id"
@@ -536,8 +535,8 @@ ActiveRecord::Schema.define(version: 20161123104604) do
     t.datetime "updated_at"
     t.integer  "availability_id"
     t.datetime "ex_start_at"
-    t.datetime "ex_end_at"
     t.datetime "canceled_at"
+    t.datetime "ex_end_at"
     t.boolean  "offered",         default: false
   end
 
@@ -719,6 +718,7 @@ ActiveRecord::Schema.define(version: 20161123104604) do
   add_index "user_trainings", ["user_id"], name: "index_user_trainings_on_user_id", using: :btree
 
   create_table "users", force: :cascade do |t|
+    t.string   "username",               limit: 255
     t.string   "email",                  limit: 255, default: "",    null: false
     t.string   "encrypted_password",     limit: 255, default: "",    null: false
     t.string   "reset_password_token",   limit: 255
@@ -741,7 +741,6 @@ ActiveRecord::Schema.define(version: 20161123104604) do
     t.boolean  "is_allow_contact",                   default: true
     t.integer  "group_id"
     t.string   "stp_customer_id",        limit: 255
-    t.string   "username",               limit: 255
     t.string   "slug",                   limit: 255
     t.boolean  "is_active",                          default: true
     t.boolean  "invoicing_disabled",                 default: false